Equifax Agrees To Sizable Settlement Over Data Breach
Two years after an Equifax Inc. data breach compromised the private information of over 147 million people, the company has agreed to pay no less than $575 million after agreeing to terms of a settlement with the all 50 states, the Consumer Financial Protection Bureau and the Federal Trade Commission.
Pacific Business News (PBN) reported the complaint against Equifax alleged the company was made aware of a “critical security vulnerability” in March of 2017 that made its ACIS database vulnerable. That database contains personal information about consumer credit card data.
It wasn’t until Equifax security noticed suspicious activity in July of that year that the company investigated and found “multiple hackers were able to exploit the system’s vulnerability and gain entry to Equifax’s network of personal information,” PBN reported.
The Hawai‘i Office of Consumer Protection said the breach was the largest of its kind. is the largest ever breach of consumer data and enforcement action on the matter to date.
As much as $425 million will funnel into a consumer restitution fund, PBN reported, while the company will pay out $175 million to states that filed complaints. According to PBN, Equifax will pay a separate fee of $100 million as part of a federal investigation from the Consumer Financial Protection Bureau.
The settlement payout to Hawai‘i is expected to be $1 million, PBN reported.